nicehair.org has a strict privacy policy. We do not share your private details with anyone, nor do we sell them, nor do we use them to spam you.
An absolute no spam policy
We will never use your email address to send you spam emails. We will only send you emails if you opt-in to receive our free nicehair.org Hair Loss Newsletter and to send you a receipt. The only other time we will contact you is in reply to your questions and queries. In these cases, we are prompt, polite and to the point.
Your payment information
We do not handle your payment details — such as credit card numbers etc. — all of this information is processed securely and confidentially by Stripe.com. If you have any queries about your payment information please contact us and we will deal with your request promptly and courteously.
Your purchase
We will not send you any mail in the post and you will only receive a confirmation email receipt from Stripe plus an email from support@nicehair.org containing your member access details.
Privacy policy
1. Introduction
1.1 We are committed to safeguarding the privacy of our website visitors and service users.
1.2 This policy applies where we are acting as a data controller with respect to the personal data of our website visitors and service users; in other words, where we determine the purposes and means of the processing of that personal data.
1.3 We use cookies on our website. Insofar as those cookies are not strictly necessary for the provision of our website and services, we will ask you to consent to our use of cookies when you first visit our website.
1.4 Our website incorporates privacy controls which affect how we will process your personal data. By using the privacy controls, you can specify whether you would like to receive direct marketing communications and limit the publication of your information. You email me if you have any requests to edit data held by emailing support@nicehair.org.
1.5 In this policy, “we”, “us” and “our” refer to nicehair.org, owned and operated by Chris Boyle.
2. Credit
2.1 This document was created using a template from SEQ Legal (https://seqlegal.com/free-legal-documents/privacy-policy).
3. How we use your personal data
3.1 In this Section 3 we have set out:
(a) the general categories of personal data that we may process;
(b) [in the case of personal data that we did not obtain directly from you, the source and specific categories of that data];
(c) the purposes for which we may process personal data; and
(d) the legal bases of the processing.
3.2 We may process data about your use of our website and services (“usage data”). The usage data may include your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use. This is standard website analytics data and does not identofy you as an individual — your identity will remain anonymous unless you contact us and provide your personal details through a contact form. The source of the usage data is Google Analytics. This usage data may be processed for the purposes of analysing the use of the website and services. The legal basis for this processing is for monitoring and improving our website and services.
3.3 We may process your account data (“account data”). The account data may include your name and email address. The source of the account data is you and can only be attained by you voluntarily entering your data on the website. The account data may be processed for the purposes of operating our website, providing our services, ensuring the security of our website and services, maintaining back-ups of our databases and communicating with you. The legal basis for this processing is for providing you with access to a members account if you open one or for receiving email newsletters if you sign up to receive one.
3.4 We may process your information included in your personal profile on our website (“profile data”). The profile data may include your name and email address. The profile data may be processed for the purposes of accessing your account and/or receiving email newsletters.
3.5 We may process your personal data that are provided in the course of the use of our services (“service data”). The service data may be processed for the purposes of operating our website, providing our services, ensuring the security of our website and services, maintaining back-ups of our databases and communicating with you. The legal basis for this processing is our legitimate interests, namely the proper administration of our website and business.
3.6 We may process information contained in any enquiry you submit to us regarding goods and/or services (“enquiry data”). The enquiry data may be processed for the purposes of offering, marketing and selling relevant goods and/or services to you. The legal basis for this processing is your consent and will be given by you the user at the time of submitting data.
3.7 We may process information relating to transactions, including purchases of goods and services, that you enter into with us and/or through our website (“transaction data”). The transaction data may include your contact details, and the transaction details. We do not retain your payment details on nicehair.org. The source of the transaction data is Stripe.com. The transaction data may be processed for the purpose of supplying the purchased goods and services and keeping proper records of those transactions. The legal basis for this processing is the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract and our legitimate interests, namely the proper administration of our website and business.
3.8 We may process information that you provide to us for the purpose of subscribing to our email notifications and/or newsletters (“notification data”). The notification data may be processed for the purposes of sending you the relevant notifications and/or newsletters. The legal basis for this processing is consent.
3.9 We may process information contained in or relating to any communication that you send to us (“correspondence data”). The correspondence data may include the communication content and metadata associated with the communication. Our website will generate the metadata associated with communications made using the website contact forms. The correspondence data may be processed for the purposes of communicating with you and record-keeping. The legal basis for this processing is our legitimate interests, namely the proper administration of our website and business and communications with users.
3.10 We may process your personal data identified in this policy where necessary for the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure. The legal basis for this processing is our legitimate interests, namely the protection and assertion of our legal rights, your legal rights and the legal rights of others.
3.11 Please do not supply any other person’s personal data to us, unless we prompt you to do so.
The policy: This privacy policy notice is served by Chris Boyle, 27 Cordwallis Road, Maidenhead, Berkshire SL6 7DQ under the website; [nicehair.org]. The purpose of this policy is to explain to you how we control, process, handle and protect your personal information through the business and while you browse or use this website. If you do not agree to the following policy you may wish to cease viewing / using this website, and or refrain from submitting your personal data to us.
Policy key definitions:
“I”, “our”, “us”, or “we” refer to the business, Chris Boyle.
“you”, “the user” refer to the person(s) using this website.
GDPR means General Data Protection Act.
PECR means Privacy & Electronic Communications Regulation.
ICO means Information Commissioner’s Office.
Cookies mean small files stored on a users computer or device.
Key principles of GDPR:
Our privacy policy embodies the following key priciples; (a) Lawfullness, fairness and transpatrency, (b) Purpose limitation, (c) Data minimisation, (d) Accurancy, (e) Storage limitation, (f) Integrity and confidence, (g) Accountability.
Processing of your personal data
Under the GDPR (General Data Protection Regulation) we control and / or process any personal information about you electronically using the following lawful bases.
Lawful basis: Consent
Where our purpose for processing is: Email newsletters and product purchases.
Data retention period: We will continue to process your information under this basis until you withdraw consent or it is determined your consent no longer exists.
Sharing your information: We do not share your information with third parties. / We do share your personal information with third parties and they include; Stripe.com.
Lawful basis: Contract
Where our purpose for processing is: for purchasing membership on nicehair.org
Which is necessary because: Stripe is our payment gateway provider.
We process your information in the following ways: email newsletters and membership access.
Data retention period: We will continue to process your information under this basis until you withdraw consent or it is determined your consent no longer exists.
If, as determined by us, the lawful basis upon which we process your personal information changes, we will notify you about the change and any new lawful basis to be used if required. We shall stop processing your personal information if the lawful basis used is no longer relevant.
Your individual rights
Under the GDPR your rights are as follows. You can read more about your rights in details here;
the right to be informed;
the right of access;
the right to rectification;
the right to erasure;
the right to restrict processing;
the right to data portability;
the right to object; and
the right not to be subject to automated decision-making including profiling.
You also have the right to complain to the ICO [www.ico.org.uk] if you feel there is a problem with the way we are handling your data.
We handle subject access requests in accordance with the GDPR.
Internet cookies
We use cookies on this website to provide you with a better user experience. We do this by placing a small text file on your device / computer hard drive to track how you use the website, to record or log whether you have seen particular messages that we display, to keep you logged into the website where applicable, to display relevant adverts or content, referred you to a third party website.
Some cookies are required to enjoy and use the full functionality of this website.
We use a cookie control system which allows you to accept the use of cookies, and control which cookies are saved to your device / computer. Some cookies will be saved for specific time periods, where others may last indefinitely. Your web browser should provide you with the controls to manage and delete cookies from your device, please see your web browser options.
Cookies that we use are;
- Google Analytics
Data security and protection
We ensure the security of any personal information we hold by using secure data storage technologies and precise procedures in how we store, access and manage that information. Our methods meet the GDPR compliance requirement.
Fair & Transparent Privacy Explained
We have provided some further explanations about user privacy and the way we use this website to help promote a transparent and honest user privacy methodology.
Sponsored links, affiliate tracking & commissions
Our website may contain adverts, sponsored and affiliate links on some pages. These are typically served through our advertising partners; Google Adsense, Amazon Affiliates, or are self served through our own means. We only use trusted advertising partners who each have high standards of user privacy and security. However we do not control the actual adverts seen / displayed by our advertising partners. Our ad partners may collect data and use cookies for ad personalisation and measurement. Where ad preferences are requested as ‘non-personalised’ cookies may still be used for frequency capping, aggregated ad reporting and to combat fraud and abuse.
Clickable sponsored or affiliate links may be displayed as a website URL.
Clicking on any adverts, sponsored or affiliate links may track your actions by using a cookie saved to your device. You can read more about cookies on this website above. Your actions are usually recorded as a referral from our website by this cookie. In most cases we earn a very small commission from the advertiser or advertising partner, at no cost to you, whether you make a purchase on their website or not.
We use advertising partners in these ways to help generate an income from the website, which allows us to continue our work and provide you with the best overall experience and valued information.
If you have any concerns about this we suggest you do not click on any adverts, sponsored or affiliate links found throughout the website.
Email marketing messages & subscription
Under the GDPR we use the consent lawful basis for anyone subscribing to our newsletter or marketing mailing list. We only collect certain data about you, as detailed in the “Processing of your personal date” above. Any email marketing messages we send are done so through an EMS, email marketing service provider. An EMS is a third party service provider of software / applications that allows marketers to send out email marketing campaigns to a list of users.
Email marketing messages that we send may contain tracking beacons / tracked clickable links or similar server technologies in order to track subscriber activity within email marketing messages. Where used, such marketing messages may record a range of data such as; times, dates, I.P addresses, opens, clicks, forwards, geographic and demographic data. Such data, within its limitations will show the activity each subscriber made for that email campaign.
Any email marketing messages we send are in accordance with the GDPR and the PECR. We provide you with an easy method to withdraw your consent (unsubscribe) or manage your preferences / the information we hold about you at any time. See any marketing messages for instructions on how to unsubscribe or manage your preferences, you can also unsubscribe from all MailChimp lists, by following this link, otherwise contact the EMS provider.
Our EMS provider is; MailChimp. We hold the following information about you within our EMS system;
Email address
I.P address
Subscription time & date
Resources & further information
Overview of the GDPR – General Data Protection Regulation
Data Protection Act 2018
Privacy and Electronic Communications Regulations 2003
The Guide to the PECR 2003
Twitter Privacy Policy
Facebook Privacy Policy
Google Privacy Policy
Linkedin Privacy Policy
Mailchimp Privacy Policy
Small business GDPR policy template